<?php
/***********************************************
 *      yaf 框架权限控制器
 * 文件: /controller/Auth.php
 * 说明: yaf 框架权限控制器
 * 作者: Myxf
 * 更新: 2015年7月29日
 ***********************************************/

/**
 * yaf 框架权限控制器
 */
class AuthController  {
    private $_this;
    function __construct($object){
        $this->_this = $object;
    }

    public function cklogin(){
        if (empty($_SESSION['a_username']) || empty($_SESSION['a_userid']) || empty($_SESSION['a_usergroup'])){
              header("location:../index/login");
              exit();
        }
        $group = M::db("group");
        $url = strtolower("/".$this->_this->getRequest()->getControllerName()."/".$this->_this->getRequest()->getActionName()."/");
        $mgroup = $group->getOne("*","groupid=".$_SESSION['a_usergroup']." and groupurl='".$url."'");
        if (empty($mgroup) || strpos($mgroup['group'],"view")===false){
          $this->err("权限错误","抱歉：您没有访问此页面的权限！Err:001");
        }
        $act = $this->_this->getRequest()->get("act");
        if (!empty($act)){
          if (strpos($mgroup['group'],$act)===false){
            $this->err("权限错误","抱歉：您没有访问此页面的权限！Err:002");
          }
        }
    }

    public function err($title,$context,$url="javascript:void(history.go(-1))"){
        $sy = $this->_this->getView();
        $sy->err = array('title'=>$title,'context'=>$context,'url'=>$url);    
        $sy->display("auth/err.phtml");
        exit();
    }

    public function ok($title,$context,$url="javascript:void(history.go(-1))"){
        $sy = $this->_this->getView();
        $sy->err = array('title'=>$title,'context'=>$context,'url'=>$url);  
        $sy->display("auth/ok.phtml");
        exit();
    }

}
